Re: Today's call: summary on user agent compliance from Justin Brookman on 2012-06-08 (public-tracking@w3.org from June 2012)

From: Justin Brookman <justin@cdt.org>
Date: Fri, 08 Jun 2012 15:32:55 -0400
To: public-tracking@w3.org
Message-ID: <4FD25367.70807@cdt.org>

DNT was proposed because of the problems with the existing industry 
opt-out process and the insufficiency of blocking cookies.  Giving all 
"compliant" third parties the ability to force users to install a new 
browser or stop surfing the web are hardly legitimate choices, and will 
not result in a workable, reliable DNT system.

The problem of defaults should be addressed by adding new affirmative 
obligations on user agents.  If a third party believes that a UA is 
setting an expression of user preference without user permission, they 
can bring legal action against the UA.  But as a user, I don't want 
unknown third parties tracking me in spite of my DNT signal because they 
didn't like my browser's interface.

Justin Brookman
Director, Consumer Privacy
Center for Democracy&  Technology
1634 I Street NW, Suite 1100
Washington, DC 20006
tel 202.407.8812
fax 202.637.0969
justin@cdt.org
http://www.cdt.org
@CenDemTech
@JustinBrookman

On 6/8/2012 3:00 PM, Shane Wiley wrote:
> Tamir,
>
> The user has many options at that point:
> - Switch to a compliant UA and set DNT
> - Use the existing opt-out approach
> - Block cookies (in whole or selectively)
> - Stop viewing the free content provided on that site
>
> What signifies consent in your view today in the absence of a DNT standard?
>
> - Shane
>
> -----Original Message-----
> From: Rigo Wenning [mailto:rigo@w3.org]
> Sent: Friday, June 08, 2012 11:57 AM
> To: Tamir Israel
> Cc: Shane Wiley; Jeffrey Chester; Ninja Marnau; ifette@google.com; Bjoern Hoehrmann; David Singer; public-tracking@w3.org (public-tracking@w3.org)
> Subject: Re: Today's call: summary on user agent compliance
>
> On Friday 08 June 2012 14:49:23 Tamir Israel wrote:
>> I truly apologize for belaboring this issue, but once the DNT-1
>> signal  is ignored, there is no longer an available opt-out
>> mechanism for the user to employ in order to express their
>> preference. So regulators will then have to decide whether the
>> mere presence of notice that tracking is occurring offers a
>> sufficiently meaningful consent mechanism.
> You found the hole! I have to think about it.
>
> Rigo
>
>
>

Received on Friday, 8 June 2012 19:33:26 UTC